/**   
 * @Title: WeixinLoginInterceptor.java 
 * @Package com.leesche.zcsp.node.web.intecepter.wechat 
 * @Description:() 
 * @author dennies yang
 * @date 2016年10月13日 下午5:52:54 
 * @version V1.0   
 */
package com.leesche.zcsp.node.web.intecepter.wechat;

import java.util.HashMap;
import java.util.Map;

import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.util.AntPathMatcher;
import org.springframework.util.PathMatcher;
import org.springframework.web.servlet.ModelAndView;
import org.springframework.web.servlet.handler.HandlerInterceptorAdapter;

import com.alibaba.fastjson.JSONObject;
import com.leesche.zcsp.node.pay.wecha.service.PayService;
import com.leesche.zcsp.node.utils.web.messge.WebResult;
import com.leesche.zcsp.node.web.constants.Constants;
import com.leesche.zcsp.node.web.service.privilege.PrivilegeService;
import com.leesche.zcsp.node.web.vo.Principal;

/**
 * @Title: WeixinLoginInterceptor.java
 * @Package com.leesche.zcsp.node.web.intecepter.wechat
 * @Description:(微信管理拦截器)
 * @author dennies yang
 * @date 2016年10月13日 下午5:52:54
 * @version V1.0
 */
public class WechatAuthenticationInterceptor extends HandlerInterceptorAdapter {

	private static AntPathMatcher antPathMatcher = new AntPathMatcher();

	@Autowired
	PayService payService;

	@Autowired
	PrivilegeService privilegeService;

	@Override
	public boolean preHandle(HttpServletRequest request,
			HttpServletResponse response, Object handler) throws Exception {

		String uri = request.getRequestURI()
				.replaceAll(Constants.SITE_NAME, "");
		boolean isAjax = true;
		String messge = "";

		// GET请求对应的是查询权限
		if (request.getMethod().equalsIgnoreCase("GET")) {
			// 查询权限验证
			if (privilegeService.isUserWechatPrivilege(uri)) {
				return true;
			} else {
				messge = "您没有查询当前资源的权限";
			}
			// POST请求对应的是操作权限
		} else if (request.getMethod().equalsIgnoreCase("POST") || request.getMethod().equalsIgnoreCase("DELETE")) {
			// 操作权限验证
			if (privilegeService.isUserOperationPrivilege(uri)) {
				return true;
			} else {
				if (antPathMatcher.match("/wechat/indivdual/uploadLogo", uri)) {
					isAjax = false;
				}

				messge = "您没有操作当前资源的权限";
			}

		}

		response.setCharacterEncoding("utf-8");
		response.setContentType("text/html;charset=utf-8");

		String requestType = request.getHeader("X-Requested-With");
		if ((requestType != null && (requestType
				.equalsIgnoreCase("XMLHttpRequest"))) || !isAjax) {

			Map<String, Object> result = new HashMap<String, Object>();
			response.setContentType("application/json;charset=UTF-8");

			result.put("result", false);
			result.put("info", messge);

			String json = JSONObject.toJSONString(result);
			response.getWriter().append(json);
		} else {

			StringBuilder sb = new StringBuilder();
			sb.append(request.getScheme()).append("://")
					.append(request.getServerName()).append(":")
					.append(request.getServerPort())
					.append(request.getContextPath())
					.append(Constants.NOTIC_DEFAULT_ERRORVIEW_NOMODULE);

			response.sendRedirect(sb.toString());
		}
		return false;

	}

	// 正常完成的情况
	@Override
	public void postHandle(HttpServletRequest request,
			HttpServletResponse response, Object handler,
			ModelAndView modelAndView) throws Exception {
		System.out.println("拦截器结束!");
		response.addHeader("status", "Not Authorized");
		super.postHandle(request, response, handler, modelAndView);
	}

	/**
	 * <处理controller抛出异常的情况>
	 */
	@Override
	public void afterCompletion(HttpServletRequest request,
			HttpServletResponse response, Object handler, Exception ex)
			throws Exception {
		super.afterCompletion(request, response, handler, ex);
	}

	@Override
	public void afterConcurrentHandlingStarted(HttpServletRequest request,
			HttpServletResponse response, Object handler) throws Exception {
		// TODO Auto-generated method stub
		super.afterConcurrentHandlingStarted(request, response, handler);
	}

}
